Get Informed

Participate

Vulnerabilities

CVE-2006-2194 (ppp)

The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing ...

on 2006-07-05 13:35:14

The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM authentication helper from dropping privileges.

Use of this site is governed by our Terms of Use and Privacy Policy.
Copyright 1996- Ziff Davis, LLC. All Rights Reserved.
Reproduction in whole or in part in any form or medium without express written permission
of Ziff Davis, LLC. is prohibited.PCMag Digital GroupAdChoice